Refused to get unsafe header “Content-Disposition”

Hit into this error when tying to get the “Content-Disposition” header using XMLHttpRequest.

Finally found the solution is to include CORS access control headers in HTTP response….

Take note that it’s not Access-Control-Allow-Headers but Access-Control-Expose-Headers

Credit to this stackoverflow post.

 

dicksonkho

 

One thought on “Refused to get unsafe header “Content-Disposition”

Leave a Reply

Your email address will not be published. Required fields are marked *